Title

Individual user accounts with passwords are not set up and maintained for the SAN fabric switch. (Cat II impact)

Discussion

Without identification and authentication unauthorized users could reconfigure the SAN or disrupt its operation by logging in to the fabric switch and executing unauthorized commands. The IAO/NSO will ensure individual user accounts with passwords are set up and maintained for the SAN fabric switch in accordance with the guidance contained in Appendix B, CJCSM and the Network Infrastructure STIG.

Check Content

The reviewer, with the assistance of the IAO/NSO, will verify that individual user accounts with passwords are set up and maintained for the SAN fabric switch.

Fix Text

Develop a plan to reconfigure the SAN fabric switch to require user accounts and passwords. This plan also needs to include the creation and distribution of user accounts and passwords for each administrator who requires access to the SAN fabric switch. Obtain CM approval of the plan and then implement the plan.

Additional Identifiers

Rule ID: SV-6752r1_rule

Vulnerability ID: V-6632

Group Title: SAN Fabric Switch User Accounts with Passwords

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.